Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1597
Views
0
Helpful
7
Replies

Routing - OSPF to BGP redistribution issue or quirk with EVE?

jdaby
Level 1
Level 1

‎03-18-2019 05:32 PM

Hi, am simulating a customer environment in EVE. Have a come across the following network issue, I'm not sure if its a redistribution issue or if its a quirk with the EVE virtual environment I'm using to simulate the customer network.

In the diagram, routers R3, R4 and R5 are in their own OSPF Area 0. R3, R4 and R5 can ping each other's interfaces learnt via OSPF.

Mutual redistribution takes place between OSPF and BGP on R3 and R4 with eBGP peering to a pair of Layer 3 switches shown in diagram as Layer 3 switches 301 and 302.

The Layer 3 switches 301 and 301 learn the OSPF routes via BGP and in turn advertise their Layer 3 SVI interfaces via eBGP to R3 and R4 which are redistributed into OSPF.

R5 running OSPF only learns routes to the Layer 3 SVI interfaces, however is unable to ping the SVI's of the Layer 3 switches. Eg in diagram, R5 is unable to ping the VLAN 1100 interface of switch 301 with IP address 10.65.77.1.

The links from R3 to 301 and R4 to 302 are configured as trunk links as the topology will support VRF-lite.

R3 / R4 / R5 are IOSv devices, 301 / 302 are Cisco IOU Linux devices simulating the Layer 3 switches.

R5 has a route to the Layer SVI subnet of 301 which appears in the routing table as 10.65.77.0/30 with R3 (10.0.0.5) as next hop. R3 can ping both R5 (10.0.0.6) and 301 (10.65.77.1), however R5 cannot ping 301. A traceroute from R5 to 301 stops at R3.

Relevant configurations from R5, R3 and 301 attached. Any ideas or pointers appreciated

Thanks

Preview file
12 KB
Preview file
5 KB
Preview file
4 KB
Preview file
166 KB
0 Helpful
7 Replies 7

jalejand
Cisco Employee
Cisco Employee

‎03-18-2019 09:11 PM

From R3, can you ping 10.65.77.1 by sourcing it from 10.0.0.5?

What are the following outputs?

From R5:

#show ip cef exact-route 10.0.0.6 10.65.77.1

 

From R3

#show ip cef exact-route 10.0.0.5 10.65.77.1

#show ip cef exact-route 10.65.77.2 10.0.0.6

 

From 301

#show ip cef exact-route 10.65.77.1 10.0.0.6

 

Regards

0 Helpful

jdaby
Level 1
Level 1
In response to jalejand

‎03-19-2019 04:45 AM

Hi, outputs as requested

 

R3#ping 10.65.77.1 source 10.0.0.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.65.77.1, timeout is 2 seconds:
Packet sent with a source address of 10.0.0.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/2/3 ms

R3#

 

R5#show ip cef exact-route 10.0.0.6 10.65.77.1
10.0.0.6 -> 10.65.77.1 =>IP adj out of Ethernet0/0, addr 10.0.0.5

R5#

 

R3#show ip cef exact-route 10.0.0.5 10.65.77.1
10.0.0.5 -> 10.65.77.1 =>IP adj out of Vlan1100, addr 10.65.77.1
R3#

 

R3#show ip cef exact-route 10.65.77.2 10.0.0.6
10.65.77.2 -> 10.0.0.6 =>IP adj out of Ethernet0/1, addr 10.0.0.6
R3#

 

301#show ip cef exact-route 10.65.77.1 10.0.0.6
10.65.77.1 -> 10.0.0.6 =>IP adj out of Vlan1100, addr 10.65.77.2
301#

 

Could issue be related to the trunk configuration between R3 and 301?

 

R3#sh run int eth0/2
Building configuration...

Current configuration : 201 bytes
!
interface Ethernet0/2
 description 301 router - Gi1/1
 switchport trunk allowed vlan 400,1100
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 999
 switchport mode trunk
end

R3#

 

301#sh run int Gi1/1
Building configuration...

Current configuration : 254 bytes
!
interface GigabitEthernet1/1
 description WAN Pri LS TBC
 switchport trunk allowed vlan 400,1100
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 999
 switchport mode trunk
 load-interval 30
 media-type rj45
 negotiation auto
end

301#

 

Thanks John

 

0 Helpful

jdaby
Level 1
Level 1
In response to jdaby

‎03-19-2019 07:47 AM

R5 sees the ping request from 301

 

301#ping 10.0.0.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.6, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
301#


R5#debug ip icmp
ICMP packet debugging is on
R5#
*Mar 19 14:27:44.036: ICMP: echo reply sent, src 10.0.0.6, dst 10.65.77.1, topology BASE, dscp 0 topoid 0
R5#
*Mar 19 14:27:46.071: ICMP: echo reply sent, src 10.0.0.6, dst 10.65.77.1, topology BASE, dscp 0 topoid 0
R5#
*Mar 19 14:27:48.107: ICMP: echo reply sent, src 10.0.0.6, dst 10.65.77.1, topology BASE, dscp 0 topoid 0
R5#
*Mar 19 14:27:50.136: ICMP: echo reply sent, src 10.0.0.6, dst 10.65.77.1, topology BASE, dscp 0 topoid 0
R5#
*Mar 19 14:27:52.167: ICMP: echo reply sent, src 10.0.0.6, dst 10.65.77.1, topology BASE, dscp 0 topoid 0
R5#

 

301 does not see ping from R5

 

R5#ping 10.65.77.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.65.77.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

R5#

 

301#debug ip icmp
ICMP packet debugging is on
301#

 

 

 

0 Helpful

Meheretab Mengistu
Level 7
Level 7
In response to jdaby

‎03-19-2019 11:03 AM - edited ‎03-19-2019 11:22 AM

Please share the output of show ip ospf database external from R5.

HTH,
Meheretab
0 Helpful

jdaby
Level 1
Level 1
In response to Meheretab Mengistu

‎03-21-2019 06:18 AM

Hi, output as requested

 

R5#show ip ospf database external

OSPF Router with ID (10.0.0.10) (Process ID 1)

Type-5 AS External Link States

LS age: 1379
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 10.65.77.0 (External Network Number )
Advertising Router: 10.65.77.2
LS Seq Number: 80000055
Checksum: 0x6D4E
Length: 36
Network Mask: /27
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 65168

LS age: 1379
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 10.65.77.3 (External Network Number )
Advertising Router: 10.65.77.2
LS Seq Number: 80000054
Checksum: 0x9F7A
Length: 36
Network Mask: /30
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0

LS age: 1379
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 10.65.77.4 (External Network Number )
Advertising Router: 10.65.77.2
LS Seq Number: 80000054
Checksum: 0xEFAC
Length: 36
Network Mask: /30
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 65168

LS age: 1379
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 10.65.77.8 (External Network Number )
Advertising Router: 10.65.77.2
LS Seq Number: 80000054
Checksum: 0xC7D0
Length: 36
Network Mask: /30
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 65168

LS age: 1379
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 10.65.77.12 (External Network Number )
Advertising Router: 10.65.77.2
LS Seq Number: 80000054
Checksum: 0x9FF4
Length: 36
Network Mask: /30
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 65168

LS age: 1379
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 10.65.77.16 (External Network Number )
Advertising Router: 10.65.77.2
LS Seq Number: 80000054
Checksum: 0x5F35
Length: 36
Network Mask: /29
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 65168

LS age: 1379
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 10.65.77.24 (External Network Number )
Advertising Router: 10.65.77.2
LS Seq Number: 80000054
Checksum: 0x2761
Length: 36
Network Mask: /30
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 65168

LS age: 1379
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 10.65.77.28 (External Network Number )
Advertising Router: 10.65.77.2
LS Seq Number: 80000054
Checksum: 0xFE85
Length: 36
Network Mask: /30
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 65168

R5#

0 Helpful

paul driver
VIP
VIP
In response to jdaby

‎03-21-2019 07:50 AM - edited ‎03-21-2019 07:52 AM

Hello

@jdaby wrote:

External Route Tag: 65168
External Route Tag: 65168
External Route Tag: 65168

R5#

I guess you haven't applied the the filtering as suggested, As the ospf external routes are still tagged with their originated ebgp ASN


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

paul driver
VIP
VIP

‎03-19-2019 01:28 AM - edited ‎03-21-2019 07:42 AM

Hello
Could be an advertisement issue - Try to be as specific as possible when advertising your networks.
When redistributing ospf into bgp by default only will advertise intra-inter area routes so you would need to tell bgp to include any external routes if you desire, lastly to negate any possible loop due to your multiple redistribution points at R3 & R4 apply some filtering.


R3/R4
route-map BGP-OSPF permit 10
set tag 100

route-map OSPF-BGP deny 10
match tag 100
route-map OSPF-BGP permit 99

router bgp 4445
redistribute ospf 1 match internal external 1 external 2 route-map OSPF-BGP

router ospf 1
redistribute bgp 4445 subnets route-map BGP-OSPF


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card